Check Point is extending its comprehensive Industrial Control Systems (ICS) security solution with the introduction of a new 1200R security gateway appliance, enhancements to granular visibility and control of SCADA networks, and SCADA aware threat detection and prevention.
The Check Point 1200R is a new, purpose-built, ruggedized security gateway appliance for harsh environments and remote deployments like those found on plant floors, at remote electrical substations and at power generation facilities. The 1200R complements Check Point’s existing lineup of security gateway appliances that deliver full visibility and granular control of SCADA traffic to prevent network, devices and logical process attacks.
With over 500 SCADA commands and parameters within the Check Point Firewall and Application Control Software Blades, and over 200 SCADA-specific IPS signatures, Check Point offers the most extensive SCADA security support for protocols including Modbus, MMS, DNP3, IEC 60870-5-104, IEC 61850, ICCP, OPC, BACnet, Profinet, Siemens Step7 and many others. Specialized threat reports in Check Point’s management console, SmartEvent, provides full reports on SCADA traffic to grant quick and detailed forensics for incident investigations.
Check Point also provides a full IT-OT security blueprint to protect the corporate perimeter, the bridge between IT-OT, the operator workstations, and the SCADA devices and traffic to deliver the best security for ICS.
Electricity, transportation and water systems are powered by ICS. An attack on these assets, systems and networks, whether physical or virtual, has the potential to shut down an entire region or country's power grid, disrupt critical systems and production lines.
“Continuous cybersecurity breaches against critical infrastructure industries will result in environmental events exceeding $10 billion, catastrophic loss of life and new regulation, globally, by 2019,” states Gartner. In 2014, ICS-CERT responded to 245 reported incidents against industrial control systems in industries like manufacturing, energy, water and transportation. More than half of these incidents involved Advanced Persistent Threats (APTs) or sophisticated actors. Industrial control systems are typically under protected and highly vulnerable to breaches. These systems are compromised by aging and older software and Operating Systems (OS) that are typically not updated or patched frequently. When they are updated, fixing patches of ICS systems creates a long window of exposure, sometimes years, leaving these systems open to attacks.
“ICS protection is not to be taken lightly. Once cybercriminals gain access to a control system, damage is inevitable. The result of an ICS breach will be devastating - and it’s not a question of ‘if it happens,’ but ‘when it happens,’ which is why Check Point is dedicated to proactively protecting ICS to prevent such catastrophic events,” said Dorit Dor, vice president of products at Check Point Software Technologies. “The 1200R appliance is a new security gateway optimized for deployment in the harshest of industrial environments and remote locations to support ICS/SCADA and deliver what we see as unmatched security to a nation’s most precious assets.”
“Check Point offers protection to our wide ranging assets by providing the capability to securely connect assets located over a large geographic area in less than ideal locations. We’re very pleased Check Point is taking this initiative with a SCADA solution to ensure our critical assets are protected. The addition of the new 1200R as an example of this innovation," says Shawn Kearley, Infrastructure Analyst at Newfoundland Power.